Denial of Service Vulnerability in Xerox CopyCentre and WorkCentre Pro
CVE-2006-1137

Currently unrated

Key Information:

Vendor: Xerox
Status: Copycentre C65 Firmware
Vendor: CVE Published:; 10 March 2006

What is CVE-2006-1137?

Multiple vulnerabilities exist in Xerox CopyCentre and WorkCentre Pro devices, specifically in versions of the software prior to 1.001.02.715. Remote attackers can exploit these vulnerabilities by sending crafted PostScript files that trigger denial of service conditions. The vulnerabilities allow unauthorized navigation through directories or expose TCP/IP ports, rendering the devices unresponsive or vulnerable to further attacks.

References

http://www.osvdb.org/23726

vdb-entryx_refsource_OSVDB

http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2006/0857

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2006
Vulnerability Reserved
Mar 10, 2006